What is the severity of CVE-2003-0235?

CVE-2003-0235 is considered a critical vulnerability due to its potential to allow remote code execution.

How do I fix CVE-2003-0235?

To address CVE-2003-0235, update to a patched version of the Mirabilis ICQ client that resolves the format string vulnerability.

What are the affected versions for CVE-2003-0235?

CVE-2003-0235 affects Mirabilis ICQ Pro versions including 99a_2.15build1701, 99a_2.21build1800, and several 2000 to 2003 builds.

How does CVE-2003-0235 exploit work?

CVE-2003-0235 exploits a format string flaw in the POP3 client that can be triggered by malicious responses to the UIDL command.

Is there a workaround for CVE-2003-0235?

A temporary workaround for CVE-2003-0235 is to disable or limit the use of the affected POP3 client until a patch is applied.

Vulnerability/
CVE-2003-0235

high

7.5

CWE

NVD-CWE-Other

7/5/2003

8/8/2024

CVE-2003-0235

First published: Wed May 07 2003(Updated: )

Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
CenterICQ	=99a_2.15build1701
CenterICQ	=99a_2.21build1800
CenterICQ	=2000.0a
CenterICQ	=2000.0b_build3278
CenterICQ	=2001a
CenterICQ	=2001b_build3636
CenterICQ	=2001b_build3638
CenterICQ	=2001b_build3659
CenterICQ	=2002a_build3722
CenterICQ	=2002a_build3727
CenterICQ	=2003a_build3777
CenterICQ	=2003a_build3799
CenterICQ	=2003a_build3800

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-0235?
CVE-2003-0235 is considered a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2003-0235?
To address CVE-2003-0235, update to a patched version of the Mirabilis ICQ client that resolves the format string vulnerability.
What are the affected versions for CVE-2003-0235?
CVE-2003-0235 affects Mirabilis ICQ Pro versions including 99a_2.15build1701, 99a_2.21build1800, and several 2000 to 2003 builds.
How does CVE-2003-0235 exploit work?
CVE-2003-0235 exploits a format string flaw in the POP3 client that can be triggered by malicious responses to the UIDL command.
Is there a workaround for CVE-2003-0235?
A temporary workaround for CVE-2003-0235 is to disable or limit the use of the affected POP3 client until a patch is applied.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/last-modified-date
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/mirabilis
canonical/centericq
version/centericq/99a_2.15build1701
version/centericq/99a_2.21build1800
version/centericq/2000.0a
version/centericq/2000.0b_build3278
version/centericq/2001a
version/centericq/2001b_build3636
version/centericq/2001b_build3638
version/centericq/2001b_build3659
version/centericq/2002a_build3722
version/centericq/2002a_build3727
version/centericq/2003a_build3777
version/centericq/2003a_build3799
version/centericq/2003a_build3800

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.